Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coppermine coppermine photo gallery vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-7186
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote malicious users to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
5
CVSSv2
CVE-2011-3722
Coppermine Photo Gallery (CPG) 1.5.12 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files.
Coppermine-gallery Coppermine Photo Gallery 1.5.12
4.3
CVSSv2
CVE-2018-14478
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
Coppermine-gallery Coppermine Photo Gallery 1.5.46
4.3
CVSSv2
CVE-2015-6528
Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote malicious users to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) d...
Coppermine-gallery Coppermine Photo Gallery 1.5.36
5
CVSSv2
CVE-2008-7187
Coppermine Photo Gallery (CPG) 1.4.14 allows remote malicious users to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.
Coppermine-gallery Coppermine Photo Gallery 1.4.14
6.5
CVSSv2
CVE-2007-0835
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to execute arbitrary shell commands via shell metacharacters (";" semicolon) in the "Command line options for ImageMagick" form field, when used as an option ...
Coppermine Coppermine Photo Gallery
4
CVSSv2
CVE-2007-0836
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) "Path to custom header include" and (2) "Path to custom footer include" form fields. NOTE: Th...
Coppermine Coppermine Photo Gallery
1 EDB exploit
10
CVSSv2
CVE-2007-1414
Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions...
Coppermine Coppermine Photo Gallery
7.5
CVSSv2
CVE-2007-3558
SQL injection vulnerability in Coppermine Photo Gallery (CPG) prior to 1.4.11 allows remote malicious users to execute arbitrary SQL commands via an album password cookie to an unspecified component.
Coppermine Coppermine Photo Gallery
1 EDB exploit
4.3
CVSSv2
CVE-2007-5888
Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) prior to 1.4.14 allows remote malicious users to inject arbitrary web script or HTML via the data parameter.
Coppermine Coppermine Photo Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »